<?php
//200902111116
//verification code changed
//200902102223
//code seems up to date


	if ($id) {
		$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_signuploggedin"));
	} else 
	if ($_REQUEST['signup']) {
		$email 	= mb_strtolower($_REQUEST['email'],"UTF-8");
		$name 	= mb_strtolower($_REQUEST['user'],"UTF-8");
		$hash = 	escapestr($_REQUEST['hash']);	
		$time = 	escapestr($_REQUEST['time']);

						$email 	= escapestr($email);
						$name 	= escapestr($name);
						//$time	 	= time();
						//$hash = md5 (escapestr($_REQUEST['password']));
						$query = "INSERT INTO users (name,password,signup,email,lang) 
									VALUES ('$name','$hash', '$time' ,'$email','$lang')" ;
						$result = mysql_query($query);
						if ($result) {
							mkdir("users/$name");							
							mkdir("users/$name/photos");							
							$success=true;
							$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_regsuccess"),str_ireplace("%site_title%",$SITE_TITLE,GetLangString($lang,"msg_regsuccess")));
						$SITE_MIDDLE .= 	$code = md5($hash.$name);
						//	SendVerification($name,$time,$email);
						} else {
							$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
						}
					
						$query        = "SELECT id from users where name='$name'";
						$result = mysql_query($query);
						if (mysql_num_rows($result)){ 
							$id = mysql_result ($result,0);
							$query = "INSERT INTO info (id) VALUES ('$id')" ;	
							$result = mysql_query($query);
							if (!$result) {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
							}
							$query = "INSERT INTO profile (id) VALUES ('$id')" ;	
							$result = mysql_query($query);
							if (!$result) {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
							}
				}		
			} 
				
			if (!$success) $SITE_MIDDLE .=
			FormatElement(GetLangString($lang,"txt_signup"),"
			<form method='POST' ACTION='index.php?do=import'>
			<label>".GetLangString($lang,"txt_name")."</label><br><input name='user' value='$name' type='text'><br>
			<label>".GetLangString($lang,"txt_hash")."</label><br><input name='hash' type='text'><br>
			<label>".GetLangString($lang,"txt_email")."</label><br><input name='email' value='$email' type='text'><br>
			<label>".GetLangString($lang,"txt_time")."</label><br><input name='time' value='$time' type='text'><br>

			<input value='".GetLangString($lang,"txt_signup")."'  name='signup' type='submit'>
			</form>"); 

?>
